I've been doing this ever since they released certbot, but I can't really vouch for the stability of this method. Changes to your virtual host config can break this very easily, especially if rewrites to https are involved.